Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/ZiY2ltCBtALEYj2L80HrBY1atNI.roa
File: ZiY2ltCBtALEYj2L80HrBY1atNI.roa (raw, json)
Hash identifier: r4AvWv8vnOF2W1jziJhJWuD4ZBM2XbmusVuYtPqhCJM=
Subject key identifier: 66:26:36:96:D0:81:B4:02:C4:62:3D:8B:F3:41:EB:05:8D:5A:B4:D2
Certificate issuer: /CN=ed5293cd4a627a846aed60ca7fb5d5a9019aae51
Certificate serial: 018CC9BB97FB8400C0B94165A94FFD4BA9A0
Authority key identifier: ED:52:93:CD:4A:62:7A:84:6A:ED:60:CA:7F:B5:D5:A9:01:9A:AE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7VKTzUpieoRq7WDKf7XVqQGarlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/ZiY2ltCBtALEYj2L80HrBY1atNI.roa
Signing time: Tue 02 Jan 2024 10:32:43 +0000
ROA not before: Tue 02 Jan 2024 10:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137
IP address blocks: 157.27.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:97:fb:84:00:c0:b9:41:65:a9:4f:fd:4b:a9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed5293cd4a627a846aed60ca7fb5d5a9019aae51
Validity
Not Before: Jan 2 10:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66263696d081b402c4623d8bf341eb058d5ab4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cd:22:9f:43:cd:a3:d8:43:bc:fa:05:5c:52:
6d:35:fc:c5:be:7a:49:bb:65:4b:f7:6e:db:06:39:
c4:94:31:7f:5c:bf:91:d3:dc:9d:d6:47:e7:f1:67:
14:1e:4c:c5:04:46:90:56:a4:40:4b:94:25:21:65:
2e:52:1f:c9:e3:99:7b:f4:b2:be:90:ed:0b:d7:55:
25:d9:2c:de:30:a0:28:57:91:70:da:a8:28:98:89:
c9:a0:b6:85:aa:68:e9:c7:71:f9:b2:e4:9c:9c:5f:
5a:04:6a:4c:d7:73:0f:b8:05:67:59:4e:e0:1c:8f:
d4:ec:06:38:c9:52:70:f6:ce:b8:58:f8:1e:59:30:
d3:9f:ca:81:39:29:59:61:8c:37:29:1f:dd:db:8a:
89:43:20:4b:9a:8d:f8:35:23:7f:46:6b:ac:45:e4:
c6:c1:21:1f:4c:97:d7:9e:29:31:96:6b:e2:91:d1:
71:f5:a6:26:40:85:55:25:24:ac:22:9a:30:f1:16:
8b:f2:49:42:f6:a7:ab:e6:9e:6d:b2:cd:5b:f8:d7:
9d:83:de:97:a2:d5:9d:e9:5d:0d:22:8a:f6:a3:a2:
2a:7c:d7:3d:9a:54:4d:a4:47:7a:4e:5a:b1:84:98:
0f:db:13:3d:9b:c9:d4:a2:fc:5e:16:d8:53:70:e5:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:26:36:96:D0:81:B4:02:C4:62:3D:8B:F3:41:EB:05:8D:5A:B4:D2
X509v3 Authority Key Identifier:
keyid:ED:52:93:CD:4A:62:7A:84:6A:ED:60:CA:7F:B5:D5:A9:01:9A:AE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VKTzUpieoRq7WDKf7XVqQGarlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/ZiY2ltCBtALEYj2L80HrBY1atNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2029a9-4396-4717-ab05-e24336ec8a08/1/7VKTzUpieoRq7WDKf7XVqQGarlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:a5:1e:01:f5:fc:a5:30:12:f1:bb:06:9a:05:2e:8c:fc:13:
4d:e6:a6:95:d3:f7:86:37:50:14:09:c9:01:99:7c:b5:9f:29:
98:b9:f5:d1:7e:5f:34:42:09:0a:5b:ae:07:83:c1:08:d2:5c:
08:ef:2d:53:d8:15:13:29:93:d8:72:0a:5f:d7:fa:46:16:a8:
f1:bd:c1:95:c6:74:a5:07:cd:cd:34:4b:cd:41:c3:73:a9:1e:
12:0e:04:b9:92:91:f3:ac:60:f4:2a:23:06:44:66:f4:cc:08:
ae:db:36:f1:e2:45:c4:e2:68:81:ff:c8:cf:b5:a6:c7:ee:9f:
46:02:48:d2:91:08:98:0d:11:2a:2e:f7:48:76:56:1d:ee:af:
52:9c:fb:4b:15:95:3b:60:96:22:57:e7:9d:d0:6e:18:9d:9e:
ec:76:2a:e3:1e:26:84:d2:e3:6f:91:9d:c1:a7:fe:3d:36:f8:
3c:ab:14:1f:3d:89:81:7f:4d:10:d2:ef:54:70:23:e6:fe:3a:
61:f5:68:4d:44:c6:65:9f:8c:11:45:0c:24:fc:d8:b2:04:5e:
a2:74:71:a2:75:93:c2:a9:32:9f:b2:c7:39:1d:16:30:de:ef:
e9:be:87:b0:5d:30:c2:b2:58:17:35:aa:9a:df:e7:bf:b9:3a:
10:5b:c1:02
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzJu5f7hADAuUFlqU/9S6mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNTI5M2NkNGE2MjdhODQ2YWVkNjBjYTdmYjVkNWE5MDE5
YWFlNTEwHhcNMjQwMTAyMTAzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjI2MzY5NmQwODFiNDAyYzQ2MjNkOGJmMzQxZWIwNThkNWFiNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6s0in0PNo9hDvPoFXFJtNfzFvnpJ
u2VL927bBjnElDF/XL+R09yd1kfn8WcUHkzFBEaQVqRAS5QlIWUuUh/J45l79LK+
kO0L11Ul2SzeMKAoV5Fw2qgomInJoLaFqmjpx3H5suScnF9aBGpM13MPuAVnWU7g
HI/U7AY4yVJw9s64WPgeWTDTn8qBOSlZYYw3KR/d24qJQyBLmo34NSN/RmusReTG
wSEfTJfXnikxlmvikdFx9aYmQIVVJSSsIpow8RaL8klC9qer5p5tss1b+Nedg96X
otWd6V0NIor2o6IqfNc9mlRNpEd6TlqxhJgP2xM9m8nUovxeFthTcOWLOQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGYmNpbQgbQCxGI9i/NB6wWNWrTSMB8GA1UdIwQY
MBaAFO1Sk81KYnqEau1gyn+11akBmq5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1ZLVHpVcGllb1JxN1dES2Y3WFZxUUdhcmxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMDI5YTktNDM5Ni00NzE3LWFiMDUt
ZTI0MzM2ZWM4YTA4LzEvWmlZMmx0Q0J0QUxFWWoyTDgwSHJCWTFhdE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMDI5YTktNDM5Ni00NzE3LWFiMDUtZTI0MzM2ZWM4YTA4
LzEvN1ZLVHpVcGllb1JxN1dES2Y3WFZxUUdhcmxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnRswDQYJ
KoZIhvcNAQELBQADggEBAKClHgH1/KUwEvG7BpoFLoz8E03mppXT94Y3UBQJyQGZ
fLWfKZi59dF+XzRCCQpbrgeDwQjSXAjvLVPYFRMpk9hyCl/X+kYWqPG9wZXGdKUH
zc00S81Bw3OpHhIOBLmSkfOsYPQqIwZEZvTMCK7bNvHiRcTiaIH/yM+1psfun0YC
SNKRCJgNESou90h2Vh3ur1Kc+0sVlTtgliJX553Qbhidnux2KuMeJoTS42+RncGn
/j02+DyrFB89iYF/TRDS71RwI+b+OmH1aE1ExmWfjBFFDCT82LIEXqJ0caJ1k8Kp
Mp+yxzkdFjDe7+m+h7BdMMKyWBc1qprf57+5OhBbwQI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:19:53 2025 by rpki-client